dslreports logo
    All Forums Hot Topics Gallery


how-to block ads

Search Topic:
share rss forum feed


reply to Ian

Re: LastPass KeePass (why there somewhat useless)

I will keep it simple, I will just back up the .kdb or .kdbx databases.
I only have 3 passwords to remember anyways Its not like a whole whole long list of them.

The issue with AxCrypt, that it does not use AES-256 only 128.

Thanks guys.

HA Nut
I glanced at my LastPass lists. I have over 225 passwords!! (Not all are in active use though.)

FWIW, while it would be nice for AxCrypt to be greater than AES-128, I am not aware that it is unsafe. If it is, I would like to be aware of any problems it has...

·Champion Broadba..
·Time Warner Cable
reply to Ian
said by Ian:

I think LastPass stores data on their servers as well. So you can access them from anywhere. They should not be lost even if your drive explodes.

Exacto mundo. You can log on to your Last Pass account from any computer in the world connected to the Internet and you have your master password.


I also have KeePass for Android which is very very cool and I love it in case my KeePass on my PC crashes!!!!!

So I do have a backup on my phone too.
So in case my phone crashes and dies, I still have KeePass on my PC and vice versa....Unless both the PC and the phone takes a dump on me....at the same time

I love KeePass, its simple to use and I just like it.

London, ON
·WIND Mobile
·TekSavvy Cable
Or a fire in which you value your safety over grabbing your phone on your way out the door. Automated backups with at least one that ends up offsite is the best way to keep your data preserved. But this also needs to be balanced with the more copies and locations your data is stored in the more vulnerable it is.


1 recommendation

reply to HA Nut
said by HA Nut:

FWIW, while it would be nice for AxCrypt to be greater than AES-128, I am not aware that it is unsafe. If it is, I would like to be aware of any problems it has...

AES-128 is considered by NIST to be secure beyond 2031. The amount of computing power required to discover a 128-bit key is currently FAR greater than all the computing power in the world combined. If every one of the 7 billion people on the planet tested 1 billion 128 bit keys per second, "The earth’s population can crack one encryption key (one drive only) in 77,000,000,000,000,000,000,000,000 years! " (from Seagate whitepaper).

AES-256 was recommended for Top-Secret by the NSA, not because 128 is at all vulnerable, but rather as future defense against theoretical Quantum computers employed by an adversary decades from now. A Quantum computer can solve keys in the square root of the time. So 2^128 can be attacked in 2^64 time.

But let's be realistic. Is a super-power in 15 years going to put a multi-billion dollar quantum computer to work cracking into your Lastpass or Keepass2 database to get into your Gmail or online bank account? Aren't you orders of magnitude more likely to have the password leaked via a key-logger or a pair of nosy eyes? Or to simply have the password beaten out of you?
“Any claim that the root of a problem is simple should be treated the same as a claim that the root of a problem is Bigfoot. Simplicity and Bigfoot are found in the real world with about the same frequency.” – David Wong